Privacy Policy
The operator of annasomos.com hereby informs the visitors of the Website about its practices in the processing of personal data, the organizational and technical measures taken to protect the data, as well as the visitors’ rights in this regard and the possibilities for enforcing them.
The data controller is Somos Media Bt. (hereinafter referred to as the Operator) (company registration number: 03-06-102991; registered office: 6000 Kecskemét, Klapka utca 19. 2/2., location: 6000 Kecskemét, Klapka u. 19. 2/1.)
If the Operator requests personal data from the visitor of the Website (hereinafter referred to as the User) for any purpose, the following provisions shall apply.
This Privacy Policy contains basic information regarding the handling, processing and registration of any personal data provided by the User when using the Operator’s Website. If you have any questions regarding the handling of your data, please contact our customer service department before using the Website.
The Privacy Policy may be amended at any time, and the User is obliged to check the Website from time to time to ensure that he/she is aware of any changes. The Privacy Policy entered into force on 01 January 2019. The Operator is responsible for the processing of personal data provided on the Website.
DATA REQUEST AND COOKIES
The User does not generally need to provide any data to use the Website. However, in order to use certain services, it may be necessary to provide the Operator with certain personal data.
Depending on the service, the Operator may need the following personal data:
information regarding personal and professional interests;
demographic data;
Cookies can store information about the parameters of the device used for browsing, its browser, as well as your possible settings and previous visits, so that we can provide you with a better user experience.
In addition, the website may place cookies on the User’s device used for browsing, if you expressly approve this when you first enter the website. It is important that these cookies are not placed on the Operator, but on the User’s own device used for browsing, so the user is the one who has full control over them.
1. SCOPE OF DATA PROCESSED
When viewing the Website, the use of cookies placed on the User’s computer may automatically record the start and end time of the User’s visit, IP address, and in some cases – depending on the settings of the User’s computer – the browser, operating system type, language, parameters of the User’s device, the settings provided by the User on the Website, the subpages visited and the time spent on them. The Operator does not and cannot connect this data with personal data, you decide to share it with the express authorization given to us and the cookie settings provided in your browser.
Other data provided for the use of the Website is also processed with the user’s voluntary consent.
The Operator requests that persons under the age of 16 – as defined by the relevant local laws – do not make legal transactions (purchases or any other transaction) without the permission of a parent or legal representative.
2. PURPOSE OF DATA PROCESSING
Data processing serves the continuous connection between registered Users using the Website services and the Operator, the improvement of the user experience, and public opinion polls. Through the use of cookies, the system automatically generates statistical data on the duration of the visit and the pages visited in order for the Operator to further develop, optimize, and tailor the Website services to the User’s needs. The Operator also uses cookies to provide the User with content consistent with the User’s previous activity during the next visit, and to automatically load their own settings, thus making the use of the website more convenient.
Other data provided by the User is used and processed by the Operator solely for the purpose of providing a higher level of service to the User, in particular in the following areas:
to answer questions asked on the Website;
to send our newsletters;
for internal records;
to improve the content of the Website;
to inform you about updates to the Website;
to customize the content of the Website;
to deliver to the User the publications that he/she orders on our website.
The Operator may contact the User by e-mail, telephone, fax or letter, unless one of these has been indicated as a preference. The Operator does not use personal data for purposes other than those specified. The processing of the data provided in this way is carried out with the voluntary consent of the User.
The Operator treats all data and facts concerning the Users confidentially and uses them exclusively for the development of its services and for the preparation of its own statistics. The publication of statements about them is only carried out in a form that is not suitable for the individual identification of individual Users.
The Operator does not forward, publish, sell or rent your personal data without your consent and does not make it available to third parties, unless it is necessary for the purposes set out in this Privacy Policy or is required by law.
If the User has provided his personal data in order to receive information about the Operator’s services by e-mail, it will continue to send it to him by e-mail, unless he expressly requests otherwise. In other cases, when you provide your personal data to the Operator, you have the option to choose whether you would like to receive such information by e-mail.
3. DURATION OF DATA PROCESSING
Session IDs are automatically deleted when you leave the Website, but another part of the cookies helps the Operator to be aware of the User’s previous settings, the data, information provided by him, and other characteristics of the website use, so that they do not have to be entered again on the next visit, and the settings are automatically loaded in order to achieve a more pleasant user experience. The expiration date of these cookies varies, but they are typically present on the User’s device until the User deletes them.
Messages written to the Operator are classified by the Operator at its own discretion, and if it deems that their content is necessary for the protection or enforcement of the legitimate interests of the Operator or another third party, it stores them for 5 years, but uses them strictly only for the above-mentioned purpose. If the Operator does not attribute such importance to the message, it will be deleted within 30 days of receipt.
The Operator does not assume responsibility for previous pages that have already been deleted, but have nevertheless been archived with the help of Internet search engines. The operator of the search engine must ensure their removal.
4. SCOPE OF ACCESS TO DATA, DATA PROCESSORS
The personal data provided by Users may be accessed by the Operator’s employees.
The Operator does not provide personal data to third parties other than those specified. This does not apply to any mandatory data transfers required by law, which may only take place in exceptional cases. Before fulfilling each official data request, the Operator examines whether the legal basis for the data transfer actually exists for each data.
5. USERS’ RIGHTS RELATED TO THE PROCESSING OF THEIR PERSONAL DATA, DATA DELETION
The legal basis for data processing is the voluntary consent of the Users.
Users may request information about the processing of their personal data. Upon request, the Operator provides the data subject with information about the data it processes, the purpose, legal basis, duration of data processing, the name and address of the Operator (registered office: 6000 Kecskemét, Klapka utca 19. 2/2., site: 6000 Kecskemét, Klapka utca 19. 2/2.) and its activities related to data processing, as well as who receives or has received the data and for what purpose. The information can be requested at the Operator’s postal address (6000, Kecskemét Klapka utca 19. 2/2) or at the e-mail address info@somosmedia.hu.
You can also request the correction and deletion of the User’s personal data at the same contact details.
In the event of improper use of the Website’s services and at the User’s own request, the data belonging to them will be deleted. The deletion will take place within 24 hours of the next business day after the deletion request is initiated.
The Operator places great emphasis on the security of your personal data. In order to prevent unauthorized access to personal data, we use appropriate physical and electronic procedures to protect and secure the data received online.
If you wish to modify or delete your cookie settings related to the Website, you can do so – since cookies are stored on the user’s computer and not on the Website Operator – in the settings of the browser used to access the web. You can find further information about these in the Help of the browser you are using, and with its help you can modify your previous cookie settings or delete cookies previously placed by the Operator on your browsing device.
6. RIGHTS OF THE DATA SUBJECTS, LEGAL REMEDIES
(1) Data subjects may at any time request information in writing from the Data Controller about the way in which their personal data is processed by the Data Controller, may indicate their request for deletion or modification, and may withdraw their previously given consent at the contact details provided in point 3.
(2) The data subject may not exercise their right to deletion in the case of data processing that is mandatory under the law.
(3) Content of the right to information: Based on the data subject’s request, the Data Controller shall provide the data subject with the information listed in Articles 13 and 14 of the GDPR regarding the processing of personal data, as well as the information pursuant to Articles 15-22 and 34, in a concise, plain and understandable form.
(4) Content of the right to access: Upon the data subject’s request, the Data Controller shall provide information on whether data processing concerning them is in progress at the Data Controller. If the Data Controller is processing data concerning the applicant, the data subject has the right to access the following:
The personal data concerning him/her;
the purpose(s) of the processing;
the categories of personal data concerned;
the persons to whom the data of the data subject have been or will be disclosed;
the duration of the storage of the data;
the right to rectification, erasure and restriction of processing;
the right to apply to a court or supervisory authority;
the source of the data processed;
profiling and/or automated decision-making, and the details and practical effects of such application;
the transfer of the data processed to a third country or international organisation.
(5) In the event of a request for data as described above, the Data Controller shall provide the data subject with a copy of the data processed by it in accordance with the request. It is possible to request electronic delivery from the Data Controller on a separate request.
(6) The Data Controller shall charge an administration fee of HUF 500 per page for each additional copy.
(7) The deadline for issuing the requested data is 30 days from the receipt of the request.
(8) Right to rectification: The data subject may request the rectification of inaccurate data concerning him or her processed by the Data Controller.
(9) Right to erasure: If any of the following reasons apply, the Data Controller shall, at the request of the data subject, delete the data concerning the data subject as soon as possible, but no later than within 5 working days:
The data have been processed unlawfully (without legal authorisation or personal consent);
the processing of the data is not necessary for the achievement of the original purpose;
the data subject withdraws his or her consent to the data processing and the Data Controller has no other legal basis for the data processing;
the data in question were collected in connection with the provision of information society services;
personal data must be deleted in order to comply with the legal obligations of the Data Controller.
(10) The Data Controller is not in a position to delete the data if the data processing is necessary for any of the following reasons:
Further data processing is necessary to comply with legal requirements applicable to the Data Controller;
necessary for the exercise of the right to express an opinion and to be informed;
in the public interest;
for archiving, scientific, research or statistical purposes;
for the exercise or defence of legal claims.
(11) Right to restriction of data processing: If any of the following reasons apply, the Data Controller shall restrict data processing at the request of the data subject:
The data subject disputes the accuracy of the data concerning him or her, in which case the restriction shall apply for the period until the accuracy and correctness of the data in question can be verified in a credible manner;
the data processing is unlawful, but the data subject requests that the data not be deleted and only requests the restriction of data processing;
the data are no longer needed for the processing, but the data subject requests their further storage for the exercise or defence of legal claims.
(12) If the Data Controller imposes a restriction on any data processed, the data subject shall only process the data concerned during the period of the restriction if and to the extent that:
the data subject consents to this;
it is necessary for the exercise or defence of legal claims;
it is necessary for the exercise or defence of the rights of another person;
it is necessary for the exercise of public interest.
(13) Right to withdrawal: The data subject has the right to withdraw his/her consent to the Data Controller at any time – in writing. In the event of such a request, the Data Controller shall immediately and permanently delete all data processed in relation to the data subject, the further storage of which is not required by law or is not necessary for the exercise or defence of rights linked to legitimate interests. The lawfulness of the data processing carried out until the consent is withdrawn shall not be affected by the withdrawal.
(14) Right to data portability: The data subject has the right to request that the Data Controller transmit the data concerning him or her to another data controller in a commonly used, computer-readable format. The Data Controller shall comply with the request as soon as possible, but no later than 30 days.
(15) Automated decision-making and profiling: The data subject shall have the right not to be subject to a decision based solely on automated processing (such as profiling) which has legal effects on him or her or otherwise adversely affects him or her. This right shall not apply if:
the processing is necessary for the conclusion or performance of a contract between the data subject and the Data Controller;
the data subject expressly consents to the use of such a procedure;
its use is authorised by law;
necessary for the establishment or defence of legal claims.
7. DATA SECURITY MEASURES
The Operator stores personal data on the servers of Tárhely.eu Kft. (registered office: 1144 Budapest, Ormánság utca 4. X. emelet 241.), which are protected by 24-hour personal guarding and are located on the Hungarian Internet backbone.
8. LEGAL REMEDIES
A User who feels that the Operator has violated his/her right to the protection of personal data may assert his/her claim before a civil court or may also request the assistance of the National Authority for Data Protection and Freedom of Information (NAIH). The detailed legal provisions regarding this and the Operator’s obligations are contained in Act CXII of 2011 on the Protection of Personal Data and the Public Disclosure of Data of Public Interest, and in Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).
Governing Law:
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation 95/46/EC (General Data Protection Regulation; hereinafter referred to as “GDPR”)
Act CXII of 2011 on the right to informational self-determination and freedom of information (hereinafter referred to as “Infotv.”)
Act V of 2013 on the Civil Code (hereinafter referred to as “Ptk.”)
Act CXXX of 2016 on the Code of Civil Procedure (hereinafter referred to as “Pp.”)
9. INFORMATION ON RISKS TO PRIVACY
The use of the Internet is associated with various threats to privacy.
Please note that your opinion on the Website is personal data, from which it is possible to infer your specific data, including your origin and political opinions. This data becomes available to everyone.
We recommend that you use PET technology (Privacy Enhancing Technology) to protect your personal data. You can find information about this on many websites.
10. IMPORTANT WEBSITES
Privacy-enhancing technologies
“Privacy-enhancing technologies for the Internet”, I. Goldberg, D. Wagner, E. Brewer, IEEE Spring COMPCON, 1997
“Privacy-enhancing technologies for the Internet, II: Five years later”, Ian Goldberg, PET 2002
“Privacy-enhancing technologies for the Internet, III: Ten years later”, Ian Goldberg, in: “Digital Privacy: Theory, Technologies and Practices”, Alessandro Acquisti, Stefanos Gritzalis, Costas Lambrinoudakis, and Sabrina De Capitani di Vimercati, eds., 2007
“Privacy Handbook. Guidelines, Exposures, Policy Implementation, and International Issues”, Albert J. Marcella, Jr.; Carol Stucki, 2003, p.262
Privacy information
National Authority for Data Protection and Freedom of Information (NAIH)